Skip to:

Marketplace

Black Duck Security

by Black Duck
works with Bitbucket Cloud
Discover more

Free app

OVERALL RATINGS

SUPPORT

  • Partner Supported

Showing details for Cloud

Key highlights of the appOnboard SAST/SCA at scale, find and fix security and code quality issues in your code and open source

Uncompromised trust in software

The app provides an intuitive UI to configure and onboard Bitbucket repositories at scale with Black Duck SAST and SCA products, find and fix issues in your code as well as the open source dependencies you are using.

Integrate Black Duck into your CI/CD pipelines

Black Duck Security products integrate with Bitbucket Pipelines using Bridge CLI or Black Duck Pipe. These integrations include support for all major Black Duck security testing solutions as part of the CI/CD workflow.

Find and fix SAST/SCA issues

If vulnerabilities are found in a pull request, a comment will be added outlining the fix. Automated vulnerability fixes will also be submitted as pull requests to keep your application secure.

More details

Using Black Duck Security, you can onboard Bitbucket repositories at scale with Black Duck SAST and SCA products, find and fix issues in your code as well as the open source dependencies you are using.

Black Duck SAST and SCA product portfolio helps you:

  • Manage AppSec risk at enterprise scale
  • Build secure, high-quality software faster
  • Accelerate your AI transformation
  • Secure your software supply chain

For more information, please visit our documentation

Follow these simple steps to get started:

  • Log in to Black Duck Security app with your Bitbucket account.
  • Select the workspace and repositories you'd like to onboard
  • Configure the Black Duck product you want to onboard:
    • Polaris
    • Black Duck SCA
    • Coverity
  • Configure options for the selected Black Duck product
  • Optionally, edit the workflow file to configure advanced options if necessary
  • Submit to inject workflows into the selected repositories

Resources

  • App documentation

    Comprehensive set of documentation from the partner on how this app works

Privacy and Security

Privacy policy

Atlassian's privacy policy is not applicable to the use of this app. Please refer to the privacy policy provided by this app's partner.

Partner privacy policy

Security program

This app is not part of the Marketplace Bug Bounty program.

Version information

Version 2.1.0for Bitbucket Cloud

Release date
Mar 27th 2026
Summary
Bitbucket app initial release
Details

Initial release

Payment model
Free
License type
Commercial - no charge

Learn and explore

  • What’s Marketplace
  • App installation
  • About Atlassian
  • Atlassian resources
  • Search and ranking
  • Atlassian events
  • Atlassian foundation

Follow